23 July 21, 12:20
Quote:The benefits of using a cloud-based management platform to monitor and configure industrial control systems (ICS) devices are obvious — efficiency, cost-savings and better diagnostics just for starters. But new research found critical vulnerabilities in these platforms that could be used to paralyze operations if left unmitigated.
An analysis by Claroty’s newly branded Team82 research team found striking vulnerabilities in the CODESYS and WAGO industrial systems, which make use of cloud-based automation for operational technology (OT) — a segment often referred to as “Industry 4.0.”
CODESYS has developed a cloud-based platform called Automation Server to manage programmable logic controllers (PLCs) remotely, which are the computers involved in managing physical industrial equipment. OT engineers using Automation Server can download logic and configure their PLCs through the cloud-based Automation Server management console.
WAGO PFC100/200 meanwhile is a series of PLCs that make heavy use of the CODESYS runtime, and most of the communication, configuration and programming of these PLCs is done through the CODESYS platform. These devices can also be managed by the CODESYS Automation Server platform, and engineers can remotely download logic to them.
The vulnerabilities, if exploited, can lead to serious consequences, including gaining control of industrial equipment and operations.
“A vulnerability in a Level 0/1 device such as a PLC can be leveraged to launch attacks targeting a cloud-based management system,” the Team82 report said. “And the reverse is also true: Weaknesses in the cloud platform and its peripherals can put an attacker in the driver’s seat for uncontrolled access to field devices and industrial processes.”
Read more: Industrial Networks Exposed Through Cloud OT | Threatpost